CN100488270C - Mobile terminal, SIM card and validation method for same - Google Patents


Info

Publication number: CN100488270C
Authority: CN (China)
Prior art keywords: factor, key, terminal, ciphertext, module card
Legal status: Expired - Fee Related
Application number: CNB2005100248474A
Other languages: Chinese (zh)
Other versions: CN1842187A (en)
Inventors: 彭嵬, 张柳园
Current Assignee: Longsung Technology Shanghai Co ltd
Original Assignee: Shanghai Simcom Ltd
Application filed by Shanghai Simcom Ltd
Priority to CNB2005100248474A (patent CN100488270C)
Publication of CN1842187A
Application granted; publication of CN100488270C

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a mobile terminal comprising: a factor acquisition device, which obtains factors from the subscriber identity module (SIM) card of the mobile terminal; a terminal key storage device, which stores a group of selectable keys; and a terminal encryption device, which uses one key from the terminal key storage device to encrypt and generate a terminal ciphertext. It also discloses a subscriber identity module card for use in the mobile terminal, comprising: a factor generation device, which generates the factors and transmits them to the mobile terminal; a key storage device; an encryption device; and a ciphertext verification device, which compares the generated ciphertext with the terminal ciphertext. It also discloses a verification method for the mobile terminal and the subscriber identity module card.

Description

Mobile terminal, subscriber identity module card and verification method for them
Technical field
The present invention relates to a mobile terminal for mobile public telephones, a subscriber identity module card for this mobile terminal, and a verification method for them.
Background art
With the development of wireless communication devices, wireless products are increasingly widely used in public communications, and mobile public telephones are being widely promoted by operators. A mobile public telephone is a mobile phone that closely resembles a fixed-line telephone: it needs no telephone line, is not restricted by location, and its rates are cheaper than those of an ordinary mobile phone, so it is favoured by many users. However, the security of mobile public telephones has so far been low. It is very common for the subscriber identity module card (SIM card) to be removed and placed in a mobile phone to make calls fraudulently, which has seriously affected the revenue of this service and of the ordinary mobile phone voice service.
Summary of the invention
The object of the present invention is to overcome the above defect of the prior art by providing a mobile terminal for mobile public telephones, a subscriber identity module card for this mobile terminal, and a verification method for them.
The object of the present invention is achieved through the following technical solution:
A mobile terminal, comprising:
A factor acquisition device, which obtains a first factor, a second factor and a third factor transmitted by the factor generation device of the subscriber identity module card installed in this mobile terminal;
A terminal key storage device, which stores a group of selectable keys;
A terminal encryption device, which uses a key from this terminal key storage device to encrypt the factors obtained by this factor acquisition device and generate a terminal ciphertext;
Wherein this subscriber identity module card also comprises a key storage device, an encryption device and a ciphertext verification device; this key storage device is identical to the terminal key storage device in this mobile terminal, this encryption device is identical to the terminal encryption device of this mobile terminal, and this ciphertext verification device compares the subscriber identity module card ciphertext generated by this encryption device with this terminal ciphertext to verify them.
Wherein this terminal encryption device comprises:
A key selection device, which selects a master key from this key storage device according to this first factor;
A first-level encryption device, which takes this second factor as the diversification factor and encrypts this master key with the multi-level key diversification algorithm to obtain a first key;
A second-level encryption device, which takes this first factor as the diversification factor and encrypts this first key with the multi-level key diversification algorithm to obtain a session key;
A ciphertext generation device, which uses this session key and the triple DES algorithm to encrypt this third factor and obtain the terminal ciphertext.
A subscriber identity module card for the above mobile terminal, characterized in that it comprises:
A factor generation device, which generates a first factor, a second factor and a third factor and passes them to the factor acquisition device of this mobile terminal;
A key storage device, which is identical to the terminal key storage device in this mobile terminal;
An encryption device, which is identical to the terminal encryption device of this mobile terminal;
A ciphertext verification device, which compares the subscriber identity module card ciphertext generated by this encryption device with the terminal ciphertext transmitted by this mobile terminal to verify them.
Wherein this second factor is the card number of this subscriber identity module card, this first factor is a first random number obtained by this factor generation device, and this third factor is a second random number obtained by this factor generation device.
A verification method for the above mobile terminal and the above subscriber identity module card, comprising:
A. in this subscriber identity module card, generating a first random number and a second random number;
B. passing the first and second random numbers and the card number of the card to this mobile terminal;
C. in this mobile terminal, using this first random number to choose one key from a group of keys stored in advance as the master key;
D. taking the card number of this subscriber identity module card as the diversification factor, using the multi-level key diversification algorithm to perform first-level encryption on this master key, obtaining the first-level key;
E. taking this first random number as the diversification factor, using the multi-level key diversification algorithm to encrypt this first-level key, obtaining the session key;
F. using this session key and the triple DES algorithm to encrypt this second random number, obtaining the terminal ciphertext;
G. in this subscriber identity module card, encrypting with the method of steps c to f, obtaining the subscriber identity module card ciphertext;
H. in this subscriber identity module card, comparing this terminal ciphertext with this subscriber identity module card ciphertext and, if they are identical, passing the network authentication parameter to this mobile terminal.
The positive effect of the present invention is that the subscriber identity module card of a mobile public telephone becomes a dedicated card for dedicated use, which greatly improves the security of mobile public telephones and prevents them from being used fraudulently to make calls.
Description of drawings
Fig. 1 is the system block diagram of one embodiment of the invention.
Fig. 2 is a flow chart of the verification process in one embodiment of the invention.
Embodiment
A preferred embodiment of the present invention is given below with reference to the drawings, to describe the technical solution of the present invention in detail.
As shown in Figure 1, there is a mobile terminal 1 for a mobile public telephone and a subscriber identity module card 2 for this mobile terminal 1. This mobile terminal 1 comprises a factor acquisition device 11, a terminal encryption device 12 and a terminal key storage device 13, and this subscriber identity module card 2 comprises a factor generation device 21, a key storage device 22, an encryption device 23 and a ciphertext verification device 24.
This factor generation device 21 produces several factors, namely a first factor, a second factor and a third factor. The second factor is the card number of this subscriber identity module card 2, the first factor is a first random number obtained by this factor generation device 21, and the third factor is a second random number obtained by this factor generation device 21. The factors are passed to this factor acquisition device 11.
This terminal encryption device 12 comprises a key selection device 121, a first-level encryption device 122, a second-level encryption device 123 and a ciphertext generation device 124. This key selection device 121 uses the first factor, i.e. this first random number, to choose a key in this terminal key storage device 13 as the master key. This first-level encryption device 122 uses the card number of this subscriber identity module card 2 to encrypt this master key, obtaining the first-level key. This second-level encryption device 123 uses this first random number to encrypt this first-level key, obtaining the session key. This ciphertext generation device 124 uses this session key to encrypt this second random number, obtaining the terminal ciphertext.
The same method is used in this subscriber identity module card 2 to obtain the subscriber identity module card ciphertext. This terminal encryption device 12 is identical to this encryption device 23, and this terminal key storage device 13 is identical to this key storage device 22.
This mobile terminal 1 passes this terminal ciphertext to the ciphertext verification device 24 of this subscriber identity module card 2, and this ciphertext verification device 24 compares this terminal ciphertext with this subscriber identity module card ciphertext to verify whether this mobile terminal 1 and this subscriber identity module card 2 match.
The encryption algorithm used in this first-level encryption device 122 and this second-level encryption device 123 is the multi-level key diversification (PBOC) algorithm, and the algorithm used in this ciphertext generation device 124 is the triple DES (3DES) algorithm.
The multi-level key diversification algorithm is as follows:
Let the original key be Km, 16 bytes long. It is divided into left and right halves; the left half is denoted Kml and the right half Kmr. Let the diversification factor be X and the generated diversified key be Kc, which is divided into two halves; the left half is denoted Kcl and the right half Kcr.
Then Kcl = 3DES(Kml, X), Kcr = (Kmr, NOT X), Kc = Kcl | Kcr.
Here NOT X is the bitwise complement of X.
As shown in Figure 2, in use, the verification process for this mobile terminal 1 and this subscriber identity module card 2 is as follows:
A first random number and a second random number are generated, as in step 110;
The first and second random numbers and the card number of this subscriber identity module card 2 are passed to this mobile terminal, as in step 120;
In this mobile terminal 1, this first random number is used to obtain one key from a group of keys stored in advance as the master key, as in step 130;
Taking the card number of this subscriber identity module card 2 as the diversification factor, the multi-level key diversification (PBOC) algorithm is used to perform first-level encryption on this master key, obtaining the first-level key, as in step 140;
Taking this first random number as the diversification factor, the multi-level key diversification (PBOC) algorithm is used to encrypt this first-level key, obtaining the session key, as in step 150;
Using this session key, the triple DES (3DES) algorithm is applied to encrypt this second random number, obtaining the terminal ciphertext, as in step 160;
In this subscriber identity module card 2, the same method is used to encrypt, obtaining the subscriber identity module card ciphertext, as in steps 170 to 200;
This terminal ciphertext and this subscriber identity module card ciphertext are compared, as in step 210. If they are identical, the network authentication parameter is passed to this mobile terminal, as in step 220; otherwise the network authentication parameter is not delivered, as in step 230, so this terminal 1 cannot access the network and cannot communicate. In this way, this subscriber identity module card can only be used with this mobile terminal, which greatly improves the security of mobile public telephones.
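The verification exchange of steps 110 to 230 together with the two-level diversification formula, as an added Go example that is not code from the patent. Assumptions, also marked in the comments: Kcr is computed with the same 3DES operation as Kcl, an 8-byte half key is expanded to K|K|K and a 16-byte key to K1|K2|K1, the master key is picked by the first byte of the first random number, all factors are 8 bytes, and the key group and card number are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/des"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// tdes encrypts one 8-byte block with 3DES (EDE). The key expansion is an assumption.
func tdes(key, block []byte) []byte {
	k24 := append(append([]byte{}, key...), key[:8]...) // 16-byte key -> K1|K2|K1
	if len(key) == 8 {
		k24 = bytes.Repeat(key, 3) // 8-byte key -> K|K|K, which equals single DES
	}
	c, err := des.NewTripleDESCipher(k24) // errors on any other key length
	if err != nil {
		panic(err)
	}
	out := make([]byte, des.BlockSize)
	c.Encrypt(out, block)
	return out
}

// diversify follows the page's formula: Kcl = 3DES(Kml, X), Kc = Kcl|Kcr.
// Assumption: Kcr = 3DES(Kmr, NOT X); the page prints no function name there.
func diversify(km, x []byte) []byte {
	notX := make([]byte, len(x))
	for i := range x {
		notX[i] = ^x[i]
	}
	return append(tdes(km[:8], x), tdes(km[8:16], notX)...)
}

// ciphertext runs steps c to f on either side (terminal or card).
func ciphertext(keys [][]byte, rand1, cardNo, rand2 []byte) []byte {
	master := keys[int(rand1[0])%len(keys)] // step c (assumed selection rule)
	level1 := diversify(master, cardNo)     // step d
	session := diversify(level1, rand1)     // step e
	return tdes(session, rand2)             // step f
}

type SIM struct { // the card's key group, card number and pending challenge
	keys                 [][]byte
	cardNo, rand1, rand2 []byte
}

// Challenge is steps a and b: two fresh 8-byte random numbers plus the card number.
func (s *SIM) Challenge() (rand1, cardNo, rand2 []byte) {
	buf := make([]byte, 16)
	if _, err := rand.Read(buf); err != nil {
		panic(err)
	}
	s.rand1, s.rand2 = buf[:8], buf[8:]
	return s.rand1, s.cardNo, s.rand2
}

// Verify is steps g and h; true means the network authentication parameter may be
// released. Choices of this example: single-use challenge, constant-time comparison.
func (s *SIM) Verify(terminalCT []byte) bool {
	ok := s.rand1 != nil &&
		subtle.ConstantTimeCompare(ciphertext(s.keys, s.rand1, s.cardNo, s.rand2), terminalCT) == 1
	s.rand1, s.rand2 = nil, nil
	return ok
}

func main() {
	// Constructed sample key group and card number, not values from the patent.
	keys := [][]byte{[]byte("0123456789abcdef"), []byte("fedcba9876543210")}
	sim := &SIM{keys: keys, cardNo: []byte{0x89, 0x86, 0, 0, 0, 0, 0, 1}}
	r1, id, r2 := sim.Challenge()
	fmt.Println("paired terminal accepted:", sim.Verify(ciphertext(keys, r1, id, r2)))
}
```

Read literally, the formula keys each 3DES call in the diversification with an 8-byte half of Km, so under these assumptions both diversification levels run at single-DES strength. Only the final encryption of the second random number uses the full 16-byte session key.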

Claims (5)

1. A mobile terminal, characterized in that it comprises:
A factor acquisition device, which obtains a first factor, a second factor and a third factor transmitted by the factor generation device of the subscriber identity module card installed in this mobile terminal;
A terminal key storage device, which stores a group of selectable keys;
A terminal encryption device, which uses a key from this terminal key storage device to encrypt the factors obtained by this factor acquisition device and generate a terminal ciphertext;
Wherein this subscriber identity module card also comprises a key storage device, an encryption device and a ciphertext verification device; this key storage device is identical to the terminal key storage device in this mobile terminal, this encryption device is identical to the terminal encryption device of this mobile terminal, and this ciphertext verification device compares the subscriber identity module card ciphertext generated by this encryption device with this terminal ciphertext to verify them.
2. The mobile terminal according to claim 1, characterized in that this terminal encryption device comprises:
A key selection device, which selects a master key from this key storage device according to this first factor;
A first-level encryption device, which takes this second factor as the diversification factor and encrypts this master key with the multi-level key diversification algorithm to obtain a first key;
A second-level encryption device, which takes this first factor as the diversification factor and encrypts this first key with the multi-level key diversification algorithm to obtain a session key;
A ciphertext generation device, which uses this session key and the triple DES algorithm to encrypt this third factor and obtain the terminal ciphertext.
3. A subscriber identity module card for the mobile terminal as claimed in claim 1, characterized in that it comprises:
A factor generation device, which generates a first factor, a second factor and a third factor and passes them to the factor acquisition device of this mobile terminal;
A key storage device, which is identical to the terminal key storage device in this mobile terminal;
An encryption device, which is identical to the terminal encryption device of this mobile terminal;
A ciphertext verification device, which compares the subscriber identity module card ciphertext generated by this encryption device with the terminal ciphertext transmitted by this mobile terminal to verify them.
4. The subscriber identity module card according to claim 3, characterized in that this second factor is the card number of this subscriber identity module card, this first factor is a first random number obtained by this factor generation device, and this third factor is a second random number obtained by this factor generation device.
5. A verification method for the mobile terminal of claim 1 and the subscriber identity module card of claim 4, comprising:
A. in this subscriber identity module card, generating a first random number and a second random number;
B. passing this first and second random number and the card number of the card to this mobile terminal;
C. in this mobile terminal, using this first random number to choose one key from a group of keys stored in advance as the master key;
D. taking the card number of this subscriber identity module card as the diversification factor, using the multi-level key diversification algorithm to perform first-level encryption on this master key, obtaining the first-level key;
E. taking this first random number as the diversification factor, using the multi-level key diversification algorithm to encrypt this first-level key, obtaining the session key;
F. using this session key and the triple DES algorithm to encrypt this second random number, obtaining the terminal ciphertext;
G. in this subscriber identity module card, encrypting with the method of steps c to f, obtaining the subscriber identity module card ciphertext;
H. in this subscriber identity module card, comparing this terminal ciphertext with this subscriber identity module card ciphertext and, if they are identical, passing the network authentication parameter to this mobile terminal.
CNB2005100248474A 2005-04-01 2005-04-01 Mobile terminal, SIM card and validation method for same Expired - Fee Related CN100488270C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005100248474A CN100488270C (en) 2005-04-01 2005-04-01 Mobile terminal, SIM card and validation method for same

Publications (2)

Publication Number Publication Date
CN1842187A CN1842187A (en) 2006-10-04
CN100488270C true CN100488270C (en) 2009-05-13

Family

ID=37031003

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100248474A Expired - Fee Related CN100488270C (en) 2005-04-01 2005-04-01 Mobile terminal, SIM card and validation method for same

Country Status (1)

Country Link
CN (1) CN100488270C (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20160223

Address after: 200335 Shanghai city Changning District Admiralty Road No. 633 building A Room 201

Patentee after: SIMCOM WIRELESS SOLUTIONS Ltd.

Address before: 1401 room 8, No. 200336, Xingyi Road, Hongqiao Development Zone, Shanghai

Patentee before: Shanghai SIMCom Ltd.

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20170125

Address after: 200335 Shanghai city Changning District Admiralty Road No. 633 Building 1 layer 6

Patentee after: SHANGHAI SIMCOM Ltd.

Address before: 200335 Shanghai city Changning District Admiralty Road No. 633 building A Room 201

Patentee before: SIMCOM WIRELESS SOLUTIONS Ltd.

TR01 Transfer of patent right

Effective date of registration: 20170928

Address after: 200335 Shanghai city Changning District Admiralty Road No. 633 building A Room 201

Patentee after: SIMCOM WIRELESS SOLUTIONS Ltd.

Address before: 200335 Shanghai city Changning District Admiralty Road No. 633 Building 1 layer 6

Patentee before: Shanghai SIMCom Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20200206

Address after: 201201 room 606-a, building a, 3000 Longdong Avenue, China (Shanghai) pilot Free Trade Zone, Pudong New Area, Shanghai

Patentee after: LONGSUNG TECHNOLOGY (SHANGHAI) CO.,LTD.

Address before: 200335 Shanghai city Changning District Admiralty Road No. 633 building A Room 201

Patentee before: SIMCOM WIRELESS SOLUTIONS Ltd.

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090513

CF01 Termination of patent right due to non-payment of annual fee